User:Nguyenh/BasicAutoAuth.php


<?php

# -------------------------------------------------------------------------
#
# BasicAutoAuth 0.12 - Automatic Login Extension for Basic Authentication
#
# Please visit http://meta.wikimedia.org/wiki/User:Nguyenh/BasicAutoAuth
# for important notes and other information.
#
# WARNING: This is a preview release. It may be unstable, incomplete
#          and may contain bugs. Use it at your own risk.
#
# TODO:    $wgAuth support
#
# Portions Copyright (C) 2006 Huy Hoang Nguyen,
# with parts derived from SpecialUserlogin.php.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation, version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
#
# http://www.gnu.org/copyleft/gpl.html
#
# -------------------------------------------------------------------------


# Check for MediaWiki environment and
# only include when using version 1.6+
if ( !defined( 'MEDIAWIKI' )  ||
     !isset( $wgVersion )  ||
     ( version_compare( $wgVersion, '1.6' ) < 0 ) )
    return;


$wgHooks[ 'AutoAuthenticate' ][] = 'wfBasicAutoAuthenticateExtension';

$wgExtensionCredits[ 'other' ][] = array(
    'name'    => 'BasicAutoAuth extension',
    'version' => '0.12',
    'author'  => 'Huy Hoang Nguyen',
    'url'     => 'http://meta.wikimedia.org/wiki/User:Nguyenh/BasicAutoAuth',
);

# ------------------------------------------------------
# Event handler for BasicAutoAuthenticate
# ------------------------------------------------------
function wfBasicAutoAuthenticateExtension( &$user ) {
    global $wgRequest, $wgServer, $wgScriptPath;

    /* Create user from session or cookie         */
    /* newFromSession() was introduced in r17004, */
    /* before, we have to use loadFromSession()   */
    if ( method_exists( 'User', 'newFromSession' ) )
        $u = User::newFromSession();
    else
        $u = User::loadFromSession();

    /* Exit if user is already logged in */
    if ( is_object( $u )  and  $u->isLoggedIn() ) {
        $user = $u;
        return true;
    }

    if ( isset( $_SERVER[ 'REMOTE_USER' ] ) ) {
        global $wgCommandLineMode;
        global $wgRequest;

        /* Initialize session for storing user data */
        if( !$wgCommandLineMode  and  !isset( $_COOKIE[ session_name() ] )  ) {
            User::SetupSession();
        }

        $u =& User::newFromName( $_SERVER[ 'REMOTE_USER' ] );
        
        /* Stop if user object was not created */
        if ( !is_object( $u ) ) {
            return true;
        }
    
        /* -------------------------------------------------- */
        /* Check user ID and load user data                   */
        /* Code snippet from SpecialUserlogin::processLogin() */
        /* -------------------------------------------------- */
        if ( 0 == $u->getID() ) {
            global $wgAuth;
            /**
            * If the external authentication plugin allows it,
            * automatically create a new account for users that
            * are externally defined but have not yet logged in.
            */
            if ( is_object($wgAuth)  and
                 $wgAuth->autoCreate()  and
                 $wgAuth->userExists( $u->getName() ) ) {
                if ( $wgAuth->authenticate( $u->getName(), $u->mPassword ) ) {
                    $u =& basicAutoAuthenticateInitUser( $u );
                    $user = $u;
                    return true;
                } else {
                    return true;
                }
            } else {
                return true;
            }
        } else {
            $u->loadFromDatabase();
    
            /* Check against supplied password */
            if ( $u->checkPassword( $_SERVER[ 'PHP_AUTH_PW' ] ) ) {
                $user = $u;
            }
        }
        /* -------------------------------------------------- */

    }

    return true;
}

/**
* Code taken from SpecialUserlogin::initUser()
*
* Actually add a user to the database.
* Give it a User object that has been initialised with a name.
*
* @param User $u
* @return User
* @access private
*/
function &basicAutoAuthenticateInitUser( &$u ) {
    $u->addToDatabase();
    $u->setPassword( $u->mPassword );
    $u->setEmail( $u->mEmail );
    $u->setRealName( $u->mRealName );
    $u->setToken();

    global $wgAuth;
    $wgAuth->initUser( $u );

    $u->setOption( 'rememberpassword', $u->mRemember ? 1 : 0 );

    return $u;
}

?>